chocolatey is vulnerable to denial of service (DoS) attacks. The library uses an outdated version of the 7zip application that is affected by CVE-2017-17969, causing a heap based buffer overflow when it processes certain zip files, crashing the application or executing arbitrary code. This vulnerability only affects window systems.